Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
January 3, 2024 at 08:36AM Malware utilizing an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions, allowing continuous access to Google services even after a password reset. Threat actor PRISMA first revealed the technique, which has been incorporated into various malware-as-a-service (MaaS) stealer families. Google acknowledges the attack and advises users to log … Read more